I've tried to enable FIPS in KM 1.6.0b2.
The first thing I did was a little research. I found Configuring Firefox for FIPS 140-2
which is an old page, but FF doesn't say how old.
So I followed instructions, gave myself a master password, disabled SSL3 (Privacy & Security>Encryption>>Encrypted Transmission), then Privacy & Security>Encryption>>Protected Storage>Manage Crypto Devices. In Device Manager, select NSS Internal PKCS #11 Module
and click "Enable FIPS". Nothing much happened. Actually, nothing happened.
Perservering, open "about:config", and make sure as many of the settings in "ssl" filter as I can find are set according to the FF site, almost all by switching them off
. Essentially, disable SSL3 and unset a number of cyphers.
However, I still see no indication that FIPS has in fact been enabled: going by the FF guide, I should see that in the Device Manager.
So, does KM 1.6.0b2 support FIPS 140-2? Or do we have a bug?
Allied to this is a question about the security padlock at lower left corner.
On a secure website, I expect to see this with an orange/amber URL bar
But on Secure Wikipedia (https
:\\en...) I see a red URL bar with a broken padlock
. BTW, Secure Wikipedia has always done this.
Am I reading the padlocks correctly?
Gigabyte H61M-USB3-B3 r2.0, I5-2400 3.10GHz, 4GB RAM; W7HPx64 SP1, Lotus SmartSuite 9.8, K-Meleon 76RC, Pale Moon 26.4.1, IE11, Clyton email 15.0, Foxit Reader 126.96.36.1996, PaintShop Pro 6.02, ZAM Free 2.74, SuRun 188.8.131.52, VoodooShield 3.59b
"Learning is not compulsory. Neither is survival." Dr. W. Edwards Deming.
Edited 1 time(s). Last edit at 09/25/2011 09:01PM by gordon451.